
DSL, static IPs and firewall

jlitzelman
Level 1

I have Qwest DSL, 5 static IPs, a firewall and a Cisco 678 router. I have the firewall configured as one of my 5 static IPs. I'm trying to use port forwarding on my firewall to get to other PCs..

Right now, the only success that I have is my mail server... No other ports that I have forwarded work. Is there something I'm missing? I assumed everything going to IP address xxx.xxx.xxx.xxx would be forwarded to my firewall...

I have had another company admin, that also uses the same firewall, check the firewall config and he finds nothing wrong with the firewall.. He says he cannot figure it out and everything should work okay...

I have to assume that the issue is now with the router...

Right now.. NAT is disabled...

2 Replies

jljamison
Level 1

So if I understand this correctly, you have addresses A.B.C.1 through A.B.C.5 (for example). The router's internal address is A.B.C.1 and the firewall is A.B.C.2.

Is your router's DSL interface one of the 5 IPs, or does it have a WAN IP address?

Here's my suggestion - set up a private address scheme, say 192.168.1.x on the inside network of your firewall. Set your firewall's internal address to 192.168.1.1/24.

Create a point-to-point network between your router and your firewall. Set your firewall's external address as 10.1.1.1/30 and your router's internal address to 10.1.1.2/30.

Set a route in the router 192.168.1.0/24 to 10.1.1.1. Then use static translations in the router to map your external IP addresses to 192.168.1.0 addresses. Let's say an internal host is your SMTP server. Set it to be 192.168.1.3. Then use the following:

ip nat inside source static 192.168.1.3 A.B.C.3

ip nat inside source static 192.168.1.4 A.B.C.4 (if you have another machine)

and turn NAT on at the router

set dsl interface to be "ip nat outside" and ethernet interface to be "ip nat inside"

access-list 7 permit 192.168.1.0 0.0.0.255

ip nat inside source list 7 interface ATM0 overload

Then make sure your firewall allows the protocol connectivity to the inside hosts.

I think the root of your problem is that you are incorrectly distributing your 5 static IPs on different logical networks.
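
The reply's steps collected into one router configuration, as an added example that is not part of either post. It assumes an IOS-style router as in the commands above and an inside interface named Ethernet0 (ATM0 is from the reply), and it keeps A.B.C.x as placeholders. It goes one step beyond the reply by using per-port static translations for the mail/DNS host (ports 25 and 53, as mentioned in the thread), so the router maps only the published services rather than the whole address.

```cisco
! Added example, not from the thread. A.B.C.x are placeholders for the
! provider-assigned static addresses; Ethernet0 is an assumed interface name.
!
interface Ethernet0
 description Point-to-point link to the firewall outside interface (10.1.1.1)
 ip address 10.1.1.2 255.255.255.252
 ip nat inside
!
interface ATM0
 description DSL uplink (addressing as assigned by the provider)
 ip nat outside
!
! The inside LAN sits behind the firewall, so route it via the firewall.
ip route 192.168.1.0 255.255.255.0 10.1.1.1
!
! Whole-address form from the reply: every port on A.B.C.3 is translated
! to 192.168.1.3, and the firewall rule set is the only filter.
! ip nat inside source static 192.168.1.3 A.B.C.3
!
! Per-port form: only SMTP and DNS on A.B.C.3 reach the inside host.
ip nat inside source static tcp 192.168.1.3 25 A.B.C.3 25
ip nat inside source static tcp 192.168.1.3 53 A.B.C.3 53
ip nat inside source static udp 192.168.1.3 53 A.B.C.3 53
!
! Outbound traffic from the remaining inside hosts shares the DSL
! interface address (port address translation).
access-list 7 permit 192.168.1.0 0.0.0.255
ip nat inside source list 7 interface ATM0 overload
```

Running `show ip nat translations` on the router lists the static entries and any active dynamic ones, which is a quick check that inbound connections match the intended mapping.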

Okay.. Let's clarify the situation..

My IPs are a.b.c.1 - a.b.c.5

My router is locked to a.b.c.6 by Qwest...

Right now I use a.b.c.1 as my firewall's external address..

Then I get EMAIL and DNS to my Mail server using port forwarding ports 25 and 53, but setting my firewall to forward ports 25 and 53 to f.g.h.i

But that is it....

Jeff